132 matches found
GHSA-MRW7-HF4F-83PF vLLM deserialization vulnerability leading to DoS and potential RCE
Summary A memory corruption vulnerability that leading to a crash denial-of-service and potentially remote code execution RCE exists in vLLM versions 0.10.2 and later, in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using...
vLLM deserialization vulnerability leading to DoS and potential RCE
Summary A memory corruption vulnerability that leading to a crash denial-of-service and potentially remote code execution RCE exists in vLLM versions 0.10.2 and later, in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using...
GHSA-M9MP-6X32-5RHG scio is vunerable to Remote Command Execution through PyTorch
Impact PyTorch reported a critical vulnerability when using torch.load, even with option weightsonly=True, for torch = 2.6, starting from scio = 1.0.1 currently in dev state. Workarounds You can manually check that you are using torch = 2.6...
scio is vunerable to Remote Command Execution through PyTorch
Impact PyTorch reported a critical vulnerability when using torch.load, even with option weightsonly=True, for torch = 2.6, starting from scio = 1.0.1 currently in dev state. Workarounds You can manually check that you are using torch = 2.6...
EUVD-2025-13502
Malicious code in bioql PyPI...
EUVD-2025-21558
Malicious code in bioql PyPI...
EUVD-2025-25170
Malicious code in bioql PyPI...
Deserialization of Untrusted Data
Overview verl is a verl: Volcano Engine Reinforcement Learning for LLM Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the torch.load function in the modelmerger.py script when processing user-supplied .pt files with weightsonly=False. An attacker can...
CVE-2025-50461
A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/modelmerger.py script when using the "fsdp" backend. The script calls torch.load with weightsonly=False on user-supplied .pt files, allowing attackers to execute arbitrary code if a maliciously crafted...
CVE-2025-50461
A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/modelmerger.py script when using the "fsdp" backend. The script calls torch.load with weightsonly=False on user-supplied .pt files, allowing attackers to execute arbitrary code if a maliciously crafted...
CVE-2025-50461
A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/modelmerger.py script when using the "fsdp" backend. The script calls torch.load with weightsonly=False on user-supplied .pt files, allowing attackers to execute arbitrary code if a maliciously crafted...
CVE-2025-50461
CVE-2025-50461 describes a deserialization vulnerability in Volcengine Verl 3.0.0, specifically in scripts/model_merger.py when using the "fsdp" backend. The code calls torch.load() with weights_only=False on user-supplied .pt files, enabling arbitrary code execution if a malicious model file is ...
Deserialization of Untrusted Data
Overview ms-swift is a Swift: Scalable lightWeight Infrastructure for Fine-Tuning Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the torch.load function. An attacker can execute arbitrary commands by uploading a maliciously crafted adapter model file tha...
CVE-2025-49840
GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in inferencewebui.py. The GPTdropdown variable takes user input and passes it to the changegptweights function. In changegptweights, the user input,...
CVE-2025-49839 GHSL-2025-051: GPT-SoVITS Deserialization of Untrusted Data vulnerability
GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in bsroformer.py. The modelchoose variable takes user input e.g. a path to a model and passes it to the uvr function. In uvr, a new instance of...
CVE-2025-4701
The CVE-2025-4701 issue affects VITA-MLLM Freeze-Omni (up to 20250421), specifically the torch.load usage in models/utils.py where improper handling of the path argument enables deserialization and a potential local-host exploit. Root cause: manipulation of the path parameter in torch.load leads ...
PT-2025-21290 · Unknown +1 · Vita-Mllm Freeze-Omni +1
Name of the Vulnerable Software and Affected Versions: VITA-MLLM Freeze-Omni up to 20250421 Description: A problematic issue has been found, affecting the torch.load function in the models/utils.py file. The manipulation of the path argument leads to deserialization, allowing an attack to be...
The vulnerability of the torch.load() function in the PyTorch machine learning framework allows a hacker to execute arbitrary code.
The vulnerability of the torch.load function in the PyTorch machine learning framework is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Deserialization of Untrusted Data
Overview llamafactory is an Easy-to-use LLM fine-tuning framework Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the torch.load function. An attacker can execute arbitrary commands by crafting a malicious .bin file that is then deserialized. PoC pyth...
PYSEC-2025-41
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model using torch.load with...